Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view

Malware Targets Banks, Crypto Platforms and Social MediaNewly surfaced Android-based banking Trojan gives threat actors near-total control over infected devices, letting them steal user credentials for direct access to financial accounts, says researchers. Rokarolla tricks users into side-loading malicious versions of popular, high traffic apps.

Security Affairs 1 month, 3 weeks ago

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 98

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Popular node-ipc npm Package Infected with Credential Stealer  New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here Active Supply Chain Attack Compromises @antv Packages on npm actions-cool/issues-helper GitHub Action Compromised: All Tags Point to […]

Python interface for LLMs infected with malware via polluted CI/CD pipeline Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.…

Bank Info Security 8 months, 2 weeks ago

'Herodotus' Android Trojan Mimics Human Sluggishness

Trojan Poised for Use in Campaigns Across the GlobeAndroid malware advertised as "Herodotus" on cybercrime forums injects a randomized pause of up to three seconds whenever a hacker bypasses the keyboard on an infected device to enter account credentials. Systems that rely on indicators such as input timing may wave through the transaction.

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed.

Bank Info Security 1 year, 4 months ago

Infostealers Tied to Stolen AI and Defense Credentials

Information-Stealing Malware Continues to Feed Markets for Stolen CredentialsDefense sector and military agency employees, and artificial intelligence service users, all show signs of having been infected by information-stealing malware, as the market for buying and selling stolen credentials continues to thrive, experts warn.

Loading more headlines...